CVE-2022-45393
https://notcve.org/view.php?id=CVE-2022-45393
A cross-site request forgery (CSRF) vulnerability in Jenkins Delete log Plugin 1.0 and earlier allows attackers to delete build logs.
• http://www.openwall.com/lists/oss-security/2022/11/15/4
• https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2920
• CWE-352: Cross-Site Request Forgery (CSRF)
CVE-2022-45398
https://notcve.org/view.php?id=CVE-2022-45398
A cross-site request forgery (CSRF) vulnerability in Jenkins Cluster Statistics Plugin 0.4.6 and earlier allows attackers to delete recorded Jenkins Cluster Statistics.
• http://www.openwall.com/lists/oss-security/2022/11/15/4
• https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2938
• CWE-352: Cross-Site Request Forgery (CSRF)
CVE-2022-45384
https://notcve.org/view.php?id=CVE-2022-45384
Jenkins Reverse Proxy Auth Plugin 1.7.3 and earlier stores the LDAP manager password unencrypted in the global config.xml file on the Jenkins controller, where it can be viewed by attackers with access to the Jenkins controller file system.
• http://www.openwall.com/lists/oss-security/2022/11/15/4
• https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2094
• CWE-522: Insufficiently Protected Credentials
CVE-2022-45386
https://notcve.org/view.php?id=CVE-2022-45386
Jenkins Violations Plugin 0.7.11 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.
• http://www.openwall.com/lists/oss-security/2022/11/15/4
• https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-766
• CWE-611: Improper Restriction of XML External Entity Reference
CVE-2022-45396
https://notcve.org/view.php?id=CVE-2022-45396
Jenkins SourceMonitor Plugin 0.2 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.
• http://www.openwall.com/lists/oss-security/2022/11/15/4
• https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2927
• CWE-611: Improper Restriction of XML External Entity Reference